A method of implementing a logical switching element. The method generates data for programming a set of two or more physical forwarding elements to implement the logical switching element. The method uses a first controller to distribute at least a first portion of the generated data to a first plurality of physical forwarding elements in the set of physical forwarding elements. The first controller serves as the master controller for the first plurality of physical forwarding elements. The method uses a second controller to distribute at least a second portion of the generated data to a second plurality of physical forwarding elements in the set of physical forwarding elements. The second controller serves as the master controller for the second plurality of physical forwarding elements.

Some embodiments provide a method for handling failure at one of several peer centralized components of a logical router. At a first one of the peer centralized components of the logical router, the method detects that a second one of the peer centralized components has failed. In response to the detection, the method automatically identifies a network layer address of the failed second peer. The method assumes responsibility for data traffic to the failed peer by broadcasting a message on a logical switch that connects all of the peer centralized components and a distributed component of the logical router. The message instructs recipients to associate the identified network layer address with a data link layer address of the first peer centralized component.

A novel design of a gateway that handles traffic in and out of a network by using a datapath pipeline is provided. The datapath pipeline includes multiple stages for performing various data-plane packet-processing operations at the edge of the network. The processing stages include centralized routing stages and distributed routing stages. The processing stages can include service-providing stages such as NAT and firewall. The gateway caches the result previous packet operations and reapplies the result to subsequent packets that meet certain criteria. For packets that do not have applicable or valid result from previous packet processing operations, the gateway datapath daemon executes the pipelined packet processing stages and records a set of data from each stage of the pipeline and synthesizes those data into a cache entry for subsequent packets.

A network appliance can be configured for storing a plurality of flow table entries in a flow table of a match-action pipeline, wherein the match-action pipeline is implemented via a packet processing circuit configured to process a plurality of network traffic flows associated with the plurality of flow table entries. An extended packet processing pipeline of the network appliance can read a flow table entry of the flow table. The extended packet processing pipeline can be implemented via a pipeline circuit. The extended packet processing pipeline can determine that a network traffic flow associated with the flow table entry is expired or terminated. The network appliance can delete the flow table entry from the flow table by processing a traffic flow deletion operation after determining that the network traffic flow is expired or terminated.

An example virtual router includes a plurality of logical cores (“lcores”), where each lcore comprises a CPU core or hardware thread. The virtual router is configured to determine a latency profile, select, based at least in part on the latency profile, a packet processing mode from the plurality of packet processing modes. In response to a determination that the packet processing mode comprises the run-to-completion mode, an lcore of the plurality of lcores is configured to: read a network packet from a device queue, process the network packet to determine a destination virtual device for the network packet, the destination virtual device having a plurality of interface queues, and insert the network packet into an interface queue of the plurality of interface queues.

Methods and system for directing traffic flows to a fast data path or a slow data path are disclosed. Parsers can produce packet header vectors (PHVs) for use in match-action units. The PHVs are also used to generate feature vectors for the traffic flows. A flow training engine produces a classification model. Feature vectors input to the classification model result in output predictions predicting if a traffic flow will be long lived or short lived. The classification models are used by network appliances to install traffic flows into fast data paths or the slow data paths based on the predictions.

A method and network device for network traffic flooding. Specifically, the method and network device disclosed herein implement the mitigation of the lack of data-link layer (or L2) addressing resolutions, usually learned by or programmed manually into the network device, through the flooding of affected network traffic across identified network broadcast domains. Flooding of the network traffic in the aforementioned manner may ensure that at least the destination(s) of the network traffic receives the network traffic at least in scenarios where which it is unknown out of which particular physical network interface(s) should the network traffic be transmitted to reach the destination(s).

Link data is stored in a distributed link descriptor memory (“DLDM”) including memory instances storing protocol data unit (“PDU”) link descriptors (“PLDs”) or cell link descriptors (“CLDs”). Responsive to receiving a request for buffering a current transfer data unit (“TDU”) in a current PDU, a current PLD is accessed in a first memory instance in the DLDM. It is determined whether any data field designated to store address information in connection with a TDU is currently unoccupied within the current PLD. If no data field designated to store address information in connection with a TDU is currently unoccupied within the current PLD, a current CLD is accessed in a second memory instance in the plurality of memory instances of the same DLDM. Current address information in connection with the current TDU is stored in an address data field within the current CLD.

Systems and methods are described for customizable data streams in a streaming data processing system. Routing criteria for the customizable data streams are defined by a user, an automated process, or any other process. The routing criteria can be defined using graphical controls. The streaming data processing system uses the routing criteria to determine data that should be used to populate a particular data stream. Further, processing pipelines are customized such that a particular processing pipeline can obtain data from a particular user defined data stream and write data to a particular user defined data stream. Data is routed through the user defined data streams and customized processing pipelines based on a data route. A data route for a set of data may include multiple user defined data streams and multiple processing pipelines. The data route can include a loop of processing pipelines and data streams.

Some embodiments of the invention provide a network forwarding element that can be dynamically reconfigured to adjust its data message processing to stay within a desired operating temperature or power consumption range. In some embodiments, the network forwarding element includes (1) a data-plane forwarding circuit (“data plane”) to process data tuples associated with data messages received by the IC, and (2) a control-plane circuit (“control plane”) for configuring the data plane forwarding circuit. The data plane includes several data processing stages to process the data tuples. The data plane also includes an idle-signal injecting circuit that receives from the control plane configuration data that the control plane generates based on the IC's temperature. Based on the received configuration data, the idle-signal injecting circuit generates idle control signals for the data processing stages. Each stage that receives an idle control signal enters an idle state during which the majority of the components of that stage do not perform any operations, which reduces the power consumed and temperature generated by that stage during its idle state.